摘要
在采取网络功能虚拟化技术构建的协作式网络抵御分布式拒绝服务攻击的过程中,由于协作网络中的资源有限,协作网络中的参与者存在为了自身安全而采取自私行为的问题,进而减弱协作网络缓解DDoS攻击能力。针对上述问题,提出了一种新的缓解DDoS攻击策略。该策略在协作网络中构建重复囚徒困境博弈模型,引入奖罚分明激励机制加强协作网络的合作性,并采取基于社会信誉值评估的动态资源分配机制。仿真实验表明,新的协作式DDoS攻击防御技术在分组丢失率、合作性和资源分配率方面优于现有方案,提高了DDoS攻击防御的有效性。
To solve the problem of selfish behavior for self-security due to limited resources in the process of resisting distributed denial of service(DDoS)attacks by a collaborative network built with network function virtualization(NFV)technology,a new collaborative DDoS defense network model was proposed.a repeat prisoner’s dilemma game model was built in the collaborative network,a reward and punishment incentive mechanism was introduced to strengthen the cooperation of the collaborative network,and a dynamic resource allocation mechanism based on social reputation value assessment was adopted.Simulation results show that the new collaborative DDoS attack defense technology outperforms existing solutions in terms of packet loss rate,cooperation,and resource allocation rate,improving the effectiveness of DDoS attack defense.
作者
许传丰
林晖
郭烜成
汪晓丁
XU Chuanfeng;LIN Hui;GUO Xuancheng;WANG Xiaoding(School of Mathematics and Computer Science,Fujian Normal University,Fuzhou 350117,China;Fujian Provincial Key Laboratory of Network Security and Cryptology,Fujian Nomal University,Fuzhou 350117,China)
出处
《网络与信息安全学报》
2019年第2期66-76,共11页
Chinese Journal of Network and Information Security
基金
国家自然科学基金面上资助项目(No.61772008)
福建省引导基金资助项目(原工业重点基金资助项目)(No.2016Y0031)
福州市科技局基金资助项目(2017-G-79)
福建省自然科学基金资助项目(2016J01289)
关键词
分布式拒绝服务攻击
网络功能虚拟化
协作网络
自私行为
囚徒困境博弈
distributed denial of service attack
network function virtualization
collaborative network
selfish behavior
prisoner’s dilemma game
